Security program automatically tracks down missing patches

Secunia has updated its Personal Software Inspector (PSI) with the ability to silently download and apply patches from multiple vendors soon after their release. PSI 2.0 is now available in an open beta test,

Alongside the failure of security software to detect an exploit or a piece of malicious software, missing patches remain a significant reason why computers become infected with bad code. Cybercriminals are increasingly probing third-party applications to find a way to take over computers.

Secunia looked at the top 50 programs used by its more than two million users. Twenty-six of those programs are made by Microsoft, which uses an auto-update mechanism to distribute patches on the second Tuesday of the month. Of the 420 or so vulnerabilities found in those 50 programs in 2009, about 35 percent of those were Microsoft programs, said Stefan Frei, research analyst director for the company.

The rest were in third-party applications from Adobe Systems, Apple and others, which use up to 13 different update mechanisms for the remaining 65 per cent of vulnerabilities found in the 24 applications, Frei said.

Many of those applications have auto-update mechanisms, but none have uniform schedules for checking for new patches, Frei said. That leaves a window of opportunity for cybercriminals.

Even with diligent patching, there are "lots of users who have one, two, three apps that are not patched," Frei said.

In 2009, Secunia proposed to software vendors to create a common protocol that all vendors could use in order to get patches distributed faster. No agreement was reached, Frei said.

As a result, Secunia figured out the "secret sauce" to silently auto-update many applications in PSI 2.0. "This works for quite a few applications, and we are increasing the number of applications we can support," Frei said. "If the vendor releases the patch in a way that we can automate the download of the installation, it works."

PSI takes an inventory of applications on a person's computer and their version number. It then checks in with Secunia several times a day to see if a new patch has been released, which is the default configuration for the application although users can turn it off. Secunia recommends leaving PSI run in the background, as it is a lightweight application, Frei said.

Since PSI 2.0 was released a couple of days ago, more than 6,500 people have downloaded it and more than 10,000 patches have been installed. Most users need at least one patch. The number of downloads of PSI and patch installs was surprising, Frei said.

"We were astonished after 24 hours when we looked at the data," he said.

Secunia recorded more than 2,000 installations of patches for Adobe's Flash Player and more than 1,000 for Adobe Reader. Other most frequently patched applications from the sample set included Sun's Java JRE, Adobe Air, Irfan View, the Opera Web browser, Skype, Wireshark and the Firefox browser, according to Secunia's blog.

PSI 2.0 is free. The software is expected to come out of beta later this year, Frei said.

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited. Copyright 2013 IDG Communications.
ABN 14 001 592 650. All rights reserved.

Contact Us

With over 25 years of brand awareness and credibility, Good Gear Guide (formerly PC World Australia), consistently delivers editorial excellence through award-winning content and trusted product reviews.